Privacy Policy

Who we are

As our mission is to ditch lawns and grow food all over this beautiful planet, we want to ensure that we are in compliance with laws everywhere and that we are totally transparent with how we use your data and information.

Our website address is: http://farm-a-yard.com.

Please note that there’s 3 founders of Farm-A-Yard, and we do not collect sensitive information from our website users or members of our movement.  We still want to be transparent and comply with laws that help everyone feel more comfortable about their information on the Internet and on our devices.

Our contact information

For website technical issues and server administration please contact:

Criss Ittermann
Eclectic Tech, LLC
PO Box 225
New Hampton, NY 10958
845-820-0262
http://eclectictech.net

For concerns about Farm-A-Yard itself, please contact:

Linda Borghi
Farm-A-Yard
53 Montrose Avenue
Verona NJ 07044
845-545-0952
http://farm-a-yard.com

What personal data we collect and why we collect it

Trust us, we’d rather be farming than collecting your data — but the only way to get rid of all those lawns and grow food is to spread the word and create a movement — so here we are, collecting data so we can give you information to spread!  Therefore, in order to collect your information — we need your permission.

What do we collect? We’re taking names and email addresses.  And if you let us, we’ll put you on our Mailchimp email list.  Sometimes you’ll be able to tell us where you reside— like in our Farm-A-Yard Movement Community, we’ll try to hook you up with a local group of yard farmers so you can swap seeds, veggies and maybe even help each other out or have a garden potluck!

Speaking of our Movement Community, if you opt to join our community at Mighty Networks, they will collect any information you give their system for the purpose of sharing your posts and comments, so that you can connect with other yard farmers and farming enthusiasts from all over the world!   — so if you want to become part of that community, make sure you read their privacy policy, too.

If you download our packets of information from Gumroad, it collects your email address.  We want that email address in Mailchimp so you get our notifications. But we need your permission.

We don’t want your personal sensitive data. We won’t log it or track it, but you might talk about your personal information on Facebook or the Mighty Network’s Movement Community group, and they’re in charge of your security and privacy while on their applications — although we’ll do whatever we can to help you if you need it.

Comments

We really do love comments!

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Comment data is sent to Akismet for analysis — see Where We Send Your Data, below.

Media

It’s very unlikely you’ll be doing this — but if you upload images to this website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Our contact forms email your submission to Linda Borghi.  They are stored on our webserver.

Cookies

Cookies are snippets of data stored on your computer that can be called up from our web server. You may choose not to opt for cookies on this website.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website — with the addition that the other website gets the link information for the page that you’re viewing as well (as a referrer page).

These external websites may collect data about you, use cookies or access their own cookies that are already on your computer, embed additional third-party tracking into the session, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We have opted to not share our website traffic data or your data with Google or Facebook for analytics or ad retargeting etc.

Our web server logs track your IP address and which pages you have accessed.  This data is logged but not analyzed. It is on an automatic schedule to rotate the web server logs, archive (compress) them, and delete them, and is only viewed by administrators when there’s a problem with a website or access.

Who we share your data with

Blubrry PowerPress (our podcast audio players on our website), Mighty Networks (our membership community), Mailchimp (our email list), Gumroad (our public product sales), Patreon (our patron support portal), Facebook (our social media movement community) may all have access to some of your information.

For example, when you access a podcast through the audio player on our website, it’s possible that Blubrry PowerPress gets the webpage URL that you are accessing, and other browser information, and potential identifying information such as your IP address.

If you join our membership community on Mighty Networks, they will have your login information, images and text that you enter into their forms and send to their site, conversations you have, your IP address, etc.

If you sign up on our email list, Mailchimp will have your email address, they may have your name, they may get information from your browser when you click a double-opt-in form, etc.

Gumroad asks for an email address when you purchase a product, even when the product is “free”.  Like any website, they can track what page you clicked the link from, and your IP address, the type of browser you’re using, etc.  Due to non-compliance with the GDPR, we have temporarily removed Gumroad from our workflow awaiting compliance.

In the event of legal service, or threats or abuse, our web server logs (like any of our collected information, knowledge, or data) may be shared with authorities.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

We use the Akismet plugin and service to screen our website comments for spam. The information their plug-in collects typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).  The purpose is to protect our website information, brand, to keep people away from harmful information or links that may victimize website users, and to not have ourselves associated with spammy people and websites.

Additional information

Project Information

From time-to-time we work with partner organizations, organizers, and people in the community and may have to store time-sensitive or project-sensitive information about other people’s work.  For example, we have a Podcast Guest form on Google Forms that sends information to Google Sheets where we plan out our podcast episodes. The form collects contact information, ideas for the podcast and giveaways for the episode.  This information is stored at Google on our Google Drive.

Our community movement includes using Patreon, Podbean, iTunes, Mailchimp, Gumroad, Facebook, Facebook Messenger, YouTube, Vimeo, Mighty Networks, Instagram, Twitter, LinkedIn, iCloud (Apple), Google Drive (Forms, Docs, Sheets), Dropbox, Blubrry PowerPress, and Google Analytics.  Most of these will only get your IP address, browser information, and referring webpage if you visit them or a page that includes embedded assets like videos or audio players.

We may store movement member data (generally just name and email address, possibly phone number if you’ve given it to us) via our phone contacts, contact software, email list back-ups, Mighty Networks backups, on our private hard drives, backup copies of drives, Dropbox, Google Drive, iCloud, Mailchimp (if you opted into our email list), Patreon (supporters & followers), personal or business emails, note-taking applications, etc.

How we protect your data

Our website is on an encrypted drive on our webserver.  Only 2 admins have root access to the server. Other providers in our network are being screened for proper GDPL compliance or (like Gumroad) we will remove them from our workflow.

If we have any breaches of security we’re required to notify all “users” in a limited timeframe (72 hours) & notify the entities handling our information. Thus, if someone hacks our personal computer and they may have had access to say our Patreon account — we’d have to notify Patreon AND the users.  

Future Improvements

We are currently working on adding TLS/HTTPS security to our website, including our webmail services.  Right now it would take effort for people to actively intercept your data while you are filling out webforms (comments and contact/email forms), but it is possible for them to do it.  If you’re that worried about them intercepting how many rows of broccoli you should plant then know that we’ll be updated soon. We expect to have HTTPS fully set up by the end of August, hopefully sooner.

We have removed Gumroad from our workflows while waiting for them to be GDPR compliant.

What data breach procedures we have in place

Our server has not been breached to our knowledge.  If it is, we are bound to notify our customers that their data may have been leaked.  Given the type of website we are, that data may include your email address, your climate or location, your planting zone, your food allergies or sensitivities, whether you have children, and whether you like kale.  The type of information that may leak about you will depend on your level of involvement with Farm-A-Yard, and what you choose to share. The most likely breach will be your email address and perhaps your name or nickname if you gave it to us.  If this happens, we’ll have to email everyone that their email may have been leaked.